Privacy of Your Smart Phone: Police Search and Seizure and Apple’s Fight Against the FBI
There is a huge privacy fight going on this month up in Washington regarding privacy and your smart phone, as the Federal Bureau of Investigation (FBI) wants access to all the data that is setting encrypted on the iPhone taken by the local police in the aftermath of the San Bernardino shootings. Some may argue that this deals only with that criminal case, but they’d be wrong.
If the federal government is allowed to force Apple to write code allowing an override of the phone’s encryption so the agents can read the stored phone content, then a precedent has been set that can be used later.
Against other people. Other defendants. You.
Apple iPhone and the FBI: Curious Controversy Up in Congress
This is a very big deal. Last month, the FBI jumped its first hurdle when it convinced a California federal court judge to rule that Apple should do what’s necessary to access the encrypted data on the San Bernardino’s iPhone. Apple appealed the decision.
Congress is holding a hearing on this request. In testimony before Congress yesterday, the head honcho of the FBI, Director James Comey testified that a court ruling forcing Apple to fork over to the FBI the content that is contained on the San Bernardino iPhone is “potentially precedential” — and that the ruling might well be used by the FBI in the future against other phone companies to access encrypted data on other phones.
Interesting question: this controversy exploded into the courts and Congress because the FBI made a “mistake” in dealing with the iPhone long ago and reset the password on the iPhone. Once they did that, the software will automatically delete the phone’s content if the FBI fails to enter the correct password in a certain number of tries.
That’s why they had to go to Apple for help, and that’s how the court case began — because Apple said nope. Surely the FBI knew better than to make such a simple mistake?
Another good question: where’s the NSA in all this? Why did the FBI go over to Apple and ask them to help gain access to the iPhone? Why not just get the hackers at the NSA to wave their magic wands and grab the content?
Good questions to ponder, aren’t they?
Search and Seizure Laws Exist to Protect Your Privacy
Under the Federal Constitution, as well as the Texas Constitution and state and federal laws, you have a right to privacy and the police powers are limited. Law enforcement cannot wily nilly grab your cell phone and use it, or take stuff off of it, without due process.
It should come as no surprise that law enforcement doesn’t always respect those privacy rights. Sometimes, they ignore the constitutional right to privacy intentionally. Sometimes, they just don’t know any better.
Criminal defense lawyers in Dallas, North Texas, and elsewhere must be on the lookout in every case for unreasonable searches and seizures. It’s important, because if you have been searched illegally and as a result your property (including your phone and its content) has been unconstitutionally seized, then it IS NOT ADMISSIBLE in court and cannot be used by the prosecution in any case he or she is trying to bring against you.
Furthermore, any evidence that is “fruit of that poisonous tree” can be excluded as well.
What is an Illegal Search and Seizure?
The Fourth Amendment, as a general rule, is violated when there is any search and seizure without the police having a judge’s approval to do so via a proper search warrant. The search warrant is a document signed by the judge that okays the police doing the search and seizing property. It will state in its terms things like (1) where the police can and cannot look; and (2) what things they are allowed to look for during the search.
Search warrant language will give the police their directions on where they can go and what they can do: boundaries are defined, and particular items to be searched for are described.
Exceptions exist to this general rule, of course. An individual can waive the protection, and say “go ahead, do what you want.” If there is an emergency, like someone is in imminent danger, say a kidnap victim or hostage, then that’s an exception to the rule as well. Another one: if there is a concern that the police may be in danger, a “protective sweep” can be done for evidence in plain view that might be used to harm the officers.
Motions to Suppress
From a criminal defense perspective, the search and seizure has already happened by the time that the prosecution gets involved. They have the evidence and they want to use it. Defense lawyers have to go before the court and argue their motions to suppress the seized property on Fourth Amendment unconstitutional search and seizure grounds.
Sometimes, this will get the case tossed. Other times, it weakens the prosecution’s case so much that plea negotiations for lower charges are likely to occur.
If that motion to suppress is not fought, then the evidence will be used. Unconstitutionally seized evidence is used against defendants by the District Attorney’s Office all the time. That’s not considered prosecutorial misconduct.
Moreover, prosecutors are fine with it. They want a win, and if the defendant doesn’t move to suppress an unconstitutionally seized smart phone, then that is the defendant’s problem from their perspective.
And if you think that prosecutors don’t think this way and aren’t prone to use all sorts of ways to get evidence for their case, think again.
Today, for instance, there was an example of prosecutorial-thinking in the ABA Journal, reporting on an Ohio state prosecutor who set up a fake Facebook account and began contacting defense witnesses who were providing alibi testimony for the defendant. The prosecutor got a one-year suspension for his Facebook antics — after he was caught. Gotta wonder if others are doing this without getting nabbed?
Encrypted Phones and Search and Seizure
It’s easy to be swayed by the ownership of this particular phone: the San Bernardino shootings were terrorist acts. However, focus on the rights involved here. The iPhone has a password; if the FBI cannot unlock the phone within a certain number of tries, the Apple software will automatically delete the stored data. Same with your smartphone: too many incorrect passwords, and the phone assumes it’s been stolen and erases all your stuff.
Now, the FBI wants case precedent to force the phone manufacturer to write new code for its phone that would override this security feature. Of course, this code would not work just on the San Bernardino phone. It would work on all the Apple iPhones. So it could be used again.
And the case itself could be used in the future against other phone companies to do the same thing with their products.
So, future motions to suppress the evidence found on these phones could not be successful, arguably, because prosecutors could reference the “Apple case” as their excuse for grabbing all the phone’s content.
Outcries Against the FBI Action Against Privacy of Phone Owners
The Electronic Frontier Foundation has published lots of information on how serious this situation is for the privacy of all phone owners, and stands with Apple in the fight. So does the ACLU. From the American Civil Liberties Union:
“The Constitution does not permit the government to force companies to hack into their customers’ devices. Apple is free to offer a phone that stores information securely, and it must remain so if consumers are to retain any control over their private data. The government’s request … risks setting a dangerous precedent.”
What does Apple say?
February 16, 2016 A Message to Our Customers
The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.
This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.
Answers to your questions about privacy and security
The Need for Encryption
Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.
All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.
Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.
For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.
The San Bernardino Case
We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government’s efforts to solve this horrible crime. We have no sympathy for terrorists.
When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.
We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.
The Threat to Data Security
Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.
In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.
The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.
The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.
We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.
A Dangerous Precedent
Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.
The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.
The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.
Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.
We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.
While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.
Comments are welcomed here and I will respond to you -- but please, no requests for personal legal advice here and nothing that's promoting your business or product. Comments are moderated and these will not be published.